The Wayback Machine - https://web.archive.org/web/20250731152106/https://www.microsoft.com/en-us/securityengineering
This is the Trace Id: 77d50c839444a5d2a69896fded8b811a
Security Engineering Portal

Security Engineering Portal

Discover the security engineering practices used at Microsoft to build and operate highly secure apps and services.

Overview

In todayā€™s complex and regulated environment, organizations need to focus on building more secure solutions that deliver value to their customers, partners, and shareholders. Through the Security Engineering Portal, weā€™re sharing what weā€™ve learned through our decades of experience implementing and continuously improving security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of services and data.

Explore the following development guidance, models, and tools to get started.

Security Development Lifecycle (SDL)

Learn about the Microsoft SDL and how you can use to develop more secure software.
Learn more

Operational Security

Establish a scalable process for improving operational security in cloud-based infrastructure.
Learn more

OSS Secure Supply Chain

Learn about how to securely consume open source through the OSS Secure Supply Chain Framework and protect your developers from OSS supply chain threats.
Learn more
Cybersecurity Teams

Cybersecurity Teams

Learn how Microsoft has invested in multiple cybersecurity teams and related facilities to address threats to our customers and our technology ecosystem.
Learn more

Microsoft also has specialized groups and teams to provide intensive focus on specific security issues, including:

  • Ā TheĀ Microsoft Digital Crimes Unit, which brings together experts who are dedicated to disrupting cybercrime threats such as botnet-driven internet attacks and online child sexual exploitation.Ā 
  • Ā TheĀ Government Security Program, provides qualified participants with confidential security information they need to trust Microsoftā€™s products and services.
  • Ā TheĀ Microsoft Security Response Center, led by some of the worldā€™s most experienced security experts, which delivers a worldwide security response, collaborates with the security community to help improve customer security, advances innovation in the security landscape, provides authoritative security guidance, and publishes the semi-annualĀ Security Intelligence Report.Ā 
  • Ā TheĀ Windows Defender Security Intelligence Center, which is the antimalware research-and-response organization within Microsoft that protects computer systems from malicious software attacks. The center continuously monitors millions of computers worldwide, gathering and analyzing threat data. With help from researchers around the world, it can identify and mitigate new threats within hours of their discovery.Ā